HITECH/HIPAA Information Page

On February 17, 2009 the American Recovery and Reinvestment Act (ARRA) (a/k/a the Stimulus Bill) was signed into law. A subset of ARRA is the Health Information Technology for Economic and Clinical Health Act (HITECH Act). The HITECH Act authorizes a $36 billion investment in Health Information Technology (HIT) and Health Information Exchanges (HIE) to improve quality, care coordination and to lower costs.

• The HITECH Act is divided into four parts:


• Subtitle A: Promotion of HIT


• Subtitle B: Testing of HIT


• Subtitle C: Grants and Loan Funding


• Subtitle D: Privacy

New Privacy and Security rules went into effect on September 23, 2009. However, HHS will not enforce the new rules until February 22, 2010. But some states are beginning to enforce the new rules effective immediately.

Below are four of the major changes to the privacy rules:


1. Creates new obligations for Covered Entities and their Business Associates and modifies individual rights under the Privacy Rule.


2. Creates new civil money penalties and enforcement mechanisms.


3. Applies HIPAA Security & Privacy Rule standards to Business Associates as matter of law.


4. Requires "notification" after a breach of "unsecured PHI" is discovered by Covered Entity or Business Associate.

The following link will take you to the HITECH/HIPAA Information/Resource page on the Highlands Wellmont Health Network (HWHN) website. In order to have consistent and updated resources we opted to place all information relative to HIPAA/HITECH Act on one site rather than duplicate this information at both the HPI and HWHN websites.

Click Here